HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required High

Scope Changed

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00057.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Hpe Subscribe
Alletra 4110 Subscribe
Alletra 4120 Subscribe
Alletra 4140 Subscribe
Apollo 2000 System Subscribe
Apollo 4200 Gen10 Plus System Subscribe
Apollo 4200 Gen10 Server Subscribe
Apollo 4510 Gen10 System Subscribe
Apollo 6500 Gen10 Plus System Subscribe
Apollo 6500 Gen10 System Subscribe
Apollo N2600 Gen10 Plus Subscribe
Apollo N2800 Gen10 Plus Subscribe
Apollo R2200 Gen10 Subscribe
Apollo R2600 Gen10 Subscribe
Apollo R2800 Gen10 Subscribe
Edgeline E920 Server Blade Subscribe
Edgeline E920d Server Blade Subscribe
Edgeline E920t Server Blade Subscribe
Integrated Lights-out 5 Firmware Subscribe
Integrated Lights-out 6 Firmware Subscribe
Proliant Bl460c Gen10 Server Blade Subscribe
Proliant Dl110 Gen10 Plus Telco Server Subscribe
Proliant Dl110 Gen11 Subscribe
Proliant Dl160 Gen10 Server Subscribe
Proliant Dl180 Gen10 Server Subscribe
Proliant Dl20 Gen10 Plus Server Subscribe
Proliant Dl20 Gen10 Server Subscribe
Proliant Dl20 Gen11 Subscribe
Proliant Dl320 Gen11 Server Subscribe
Proliant Dl325 Gen10 Plus Server Subscribe
Proliant Dl325 Gen10 Plus V2 Server Subscribe
Proliant Dl325 Gen11 Server Subscribe
Proliant Dl345 Gen10 Plus Server Subscribe
Proliant Dl345 Gen11 Server Subscribe
Proliant Dl360 Gen10 Plus Server Subscribe
Proliant Dl360 Gen10 Server Subscribe
Proliant Dl360 Gen11 Server Subscribe
Proliant Dl365 Gen10 Plus Server Subscribe
Proliant Dl365 Gen11 Server Subscribe
Proliant Dl380 Gen10 Plus Server Subscribe
Proliant Dl380 Gen10 Server Subscribe
Proliant Dl380 Gen11 Server Subscribe
Proliant Dl380a Gen11 Subscribe
Proliant Dl385 Gen10 Plus Server Subscribe
Proliant Dl385 Gen10 Plus V2 Server Subscribe
Proliant Dl385 Gen10 Server Subscribe
Proliant Dl385 Gen11 Server Subscribe
Proliant Dl560 Gen10 Server Subscribe
Proliant Dl560 Gen11 Subscribe
Proliant Dl580 Gen10 Server Subscribe
Proliant E910 Server Blade Subscribe
Proliant E910t Server Blade Subscribe
Proliant M750 Server Blade Subscribe
Proliant Microserver Gen10 Plus Subscribe
Proliant Microserver Gen10 Plus V2 Subscribe
Proliant Ml110 Gen10 Server Subscribe
Proliant Ml110 Gen11 Subscribe
Proliant Ml30 Gen10 Plus Server Subscribe
Proliant Ml30 Gen10 Server Subscribe
Proliant Ml30 Gen11 Subscribe
Proliant Ml350 Gen10 Server Subscribe
Proliant Ml350 Gen11 Server Subscribe
Proliant Rl300 Gen11 Subscribe
Proliant Xl170r Gen10 Server Subscribe
Proliant Xl190r Gen10 Server Subscribe
Proliant Xl220n Gen10 Plus Server Subscribe
Proliant Xl225n Gen10 Plus 1u Node Subscribe
Proliant Xl230k Gen10 Server Subscribe
Proliant Xl270d Gen10 Server Subscribe
Proliant Xl290n Gen10 Plus Server Subscribe
Proliant Xl2x260w Gen10 Server Subscribe
Proliant Xl645d Gen10 Plus Server Subscribe
Proliant Xl675d Gen10 Plus Server Subscribe
Proliant Xl925g Gen10 Plus 1u 4-node Configure-to-order Server Subscribe
Synergy 480 Gen10 Compute Module Subscribe
Synergy 480 Gen10 Plus Compute Module Subscribe
Synergy 480 Gen11 Compute Module Subscribe
Synergy 660 Gen10 Compute Module Subscribe

Configuration 1 [-]

AND
cpe:2.3:o:hpe:integrated_lights-out_5_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:hpe:apollo_2000_system:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_4200_gen10_plus_system:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_4200_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_4510_gen10_system:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_6500_gen10_plus_system:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_6500_gen10_system:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_n2600_gen10_plus:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_n2800_gen10_plus:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_r2200_gen10:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_r2600_gen10:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:apollo_r2800_gen10:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:edgeline_e920_server_blade:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:edgeline_e920d_server_blade:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:edgeline_e920t_server_blade:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_bl460c_gen10_server_blade:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl110_gen10_plus_telco_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl160_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl180_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl20_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl20_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl325_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl325_gen10_plus_v2_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl345_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl360_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl360_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl365_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl380_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl380_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl385_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl385_gen10_plus_v2_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl385_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl560_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl580_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_e910_server_blade:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_e910t_server_blade:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_m750_server_blade:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_microserver_gen10_plus:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_microserver_gen10_plus_v2:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_ml110_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_ml30_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_ml30_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_ml350_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl170r_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl190r_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl220n_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl225n_gen10_plus_1u_node:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl230k_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl270d_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl290n_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl2x260w_gen10_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl645d_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl675d_gen10_plus_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_xl925g_gen10_plus_1u_4-node_configure-to-order_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:synergy_480_gen10_compute_module:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:synergy_480_gen10_plus_compute_module:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:synergy_660_gen10_compute_module:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:hpe:integrated_lights-out_6_firmware:*:*:*:*:*:*:*:*
OR cpe:2.3:h:hpe:alletra_4110:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:alletra_4120:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:alletra_4140:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl110_gen11:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl20_gen11:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl320_gen11_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl325_gen11_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl345_gen11_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl360_gen11_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl365_gen11_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl380_gen11_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl380a_gen11:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl385_gen11_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_dl560_gen11:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_ml110_gen11:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_ml30_gen11:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_ml350_gen11_server:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:proliant_rl300_gen11:-:*:*:*:*:*:*:*
cpe:2.3:h:hpe:synergy_480_gen11_compute_module:-:*:*:*:*:*:*:*

No data.

No data.

Advisories
Source ID Title
EUVD EUVD EUVD-2023-35251 HPE Integrated Lights-Out 5, and Integrated Lights-Out 6 using iLOrest may cause denial of service.
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
https://support.hpe.com/hpesc/public/docDisplay?docLocale=en_US&docId=hpesbhf04544en_us cve-icon cve-icon cve-icon
History

No history.

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: hpe

Published:

Updated: 2024-09-13T17:29:55.595Z

Reserved: 2023-04-20T16:58:53.926Z

Link: CVE-2023-30911

cve-icon Vulnrichment

Updated: 2024-08-02T14:37:15.495Z

cve-icon NVD

Status : Modified

Published: 2023-10-18T18:15:09.033

Modified: 2024-11-21T08:01:03.383

Link: CVE-2023-30911

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses